[GoLUG] If firefox really cared about security

[Barry Fishman]

On 2025-08-30 00:36:07 -07, Kyle Terrien wrote:
> On Fri, Aug 29, 2025 at 12:35:13PM -0500, Barry Fishman wrote:
>> Browsers that continue to use the XUL extensions like Waterfox, Pale
>> Moon, Basilisk, and Conkeror, or webkit ones like Nyxt only have niche
>> amounts of users.
>
> Yes, and that’s because small indie players have trouble keeping up
> with the ever-evolving web standards.

I think it's just another case where the standards have been taken over
by the corporations to make it meet their goals and not those of the
public.

>> I needed to sign a contract via the web recently that required the
>> participants, split across the country, to use Chrome.  I ended up
>> having to temporarily install Chrome on my laptop, and afterwards spend
>> time erasing the changes it made in my user configuration.  Fortunately
>> this wasn't as bad as in the past, where it hooked itself into my
>> default media files.  Now Chrome asks (persistently) first.
>
> Interesting.  Is it DocuSign who is now only supporting Chrome?

DocuSign in general works with Firefox just fine.  In my case it
involved a conference call with a visual link so I could prove my
identity by showing a RealID and face to a Notary, neutral witness
and intermediary who then observed me "signing" documents.

I don't know if it would work with Firefox, but was told that Chrome or
Safari running on computer was required, and that a Phone could be used
only as a last resort.

>> Firefox made concessions which did not reverse their loss of users, but
>> did keep them relevant in the browser user base.  As Chrome, and Google in
>> general tend to make their user experience worse with more ads and junk,
>> people might again start moving back to Firefox as it is.  I don't think
>> they will move to a more user-centric browser that they couldn't run
>> most streaming services.  Or maybe it is a lost cause.
>
> It sounds great, because supposedly Firefox is the last hope.
> However...
>
> 1) Firefox has made their user experience worse with the numerous
> redesigns, all of which have been unpopular.
>
> 2) The rhetoric about “freedom” is merely rhetoric, as my previous
> couple messages expound in excruciating detail.
>
> 3) Mozilla is owned by an ad company nowadays.  Also, they are about
> to lose their funding from another large ad company (Google) if the
> antitrust suit goes through.
>
> It’s a matter of time before Firefox users and revertees figure out
> that they had the carpet pulled out from under them.  My conclusion is
> that Firefox is a lost cause, and there isn’t really a good contender
> at the moment, especially one that has the user’s interests and
> freedoms in mind.

I'm not looking for a knight (or platform) in shining armor to come in
and protect me.  I just want a way of still functioning in the present
while I try to do what I can to help in building a framework of
standards with is more resiliency to power of the few large corporations
that are currently driving the direction of the internet.  I think part
of the solution is relying on "protocols and not platforms".  Then
platforms can be replaced when they become no longer useful, and forces
the keep us on platforms that become less user-centric with time can be
counteracted.

I look at Firefox and my mobile phone OS, not as a solution but a way to
"render under Caesar that which is Caesar's".  I still need it to
identify myself to banks, pay bills, and read some news sites.  But when
I can avoid them I do.

I still (at least for a while) can use UBlock Origin to remove the ads
which overwhelm websites.  Firefox still has an "about:" interface that
you can do things like manipulate web pages yourself and remove things
you don't like, such as the annoying popups when you visit a site about
controlling your cookies or implore you to login with Google well after
that information might be considered useful.  This process does become a
game of wack-a-mole, and the web pages change.

Sometimes I can avoid the web by write my own programs that either scrap
web pages or lately just directly replace the Javascript which is used
to build the web page with my own code to interact with the JSON APIs
that the website uses internally and display just the information I
need.

> Brave Browser has resisted well.  They have a working ad blocker
> built-in and disable EME by default.  However, they are still reliant
> on the Chromium code base.  Their efforts will only work for so long.

I don't really want to rely on a built-in platform controlled blocker.
I want one that is developed by people who's goal is supplying an ad
blocker and I want multiple independent alternative choices to keep
things honest.  For now I am willing to pay for things when the Ad
supported alternatives are so easily subject to the influence of Ad
companies and the same set companies that are making the web so bad.

This still means getting around the companies who after you pay them
realize the can get even more money by also selling your information in
addition to what you pay them primarily to brokers used by Ad
companies, and involve the same set of companies you are trying to
avoid. [I'm getting to sound like the song "There is a hole in the bucket"]

People still treat ad supported media as free, but we really end up
paying for it in the higher prices of products we buy to help pay the
large overhead used to support the intermediaries who run the ads
networks and the platform cost of delivering those ads.  We pay for the
delivery system for the ads which are taking a monopoly share of the
profit made companies that run the website, which actually providing
the service.

>> This is drifting in to politics, but unfortunately much of Science and
>> Tech has been politicalized.  This forces us to be confronted in the same
>> way.

> Yes, there is a political side of the issue.  The previous example of
> EME is not value neutral.  Widespread adoption of EME swings the
> pendulum in favor of the copyright holders and away from the public.

>> If you are interested in what I think is going on you might read the
>> book "Doppleganger" by Naomi Klein.  I stole the idea of "Pipikism" from
>> her.  Its not an easy read for those of us that are concerned, but it
>> does give a clear viewpoint on what seems to be happening, and how it
>> might be confronted.
>
> I have not heard of that book, but now I’m interested.

Another book looking primarily at the Tech aspect of this process is
"Enshittification" by Cory Doctorow.  Its not quite out yet, but he has
talked about it extensively, and the word "enshittification" has make it
into dictionaries.

I've been listening to the first part of the book which he read on the
current 500th episode of his podcast "https://craphound.com/podcast/".  He
gives his own interpretation of why the internet is getting worse rather
than better with time.

-- 
Barry Fishman